0000: 23 21 20 2f 75 73 72 2f 62 69 6e 2f 65 6e 76 20 #! /usr/bin/env
0010: 73 68 0a 0a 62 69 74 73 3d 27 32 30 34 38 27 0a sh..bits='2048'.
0020: 0a 66 75 6e 63 74 69 6f 6e 20 6f 70 65 6e 73 73 .function openss
0030: 6c 5f 64 68 70 61 72 61 6d 28 29 20 7b 0a 09 6c l_dhparam() {..l
0040: 6f 63 61 6c 20 6f 75 74 70 75 74 0a 0a 09 69 66 ocal output...if
0050: 20 5b 20 2d 78 20 22 60 77 68 69 63 68 20 6f 70 [ -x "`which op
0060: 65 6e 73 73 6c 20 32 3e 2f 64 65 76 2f 6e 75 6c enssl 2>/dev/nul
0070: 6c 60 22 20 5d 3b 20 74 68 65 6e 0a 09 09 6f 75 l`" ]; then...ou
0080: 74 70 75 74 3d 22 60 6f 70 65 6e 73 73 6c 20 64 tput="`openssl d
0090: 68 70 61 72 61 6d 20 2d 43 20 22 24 40 22 20 32 hparam -C "$@" 2
00a0: 3e 2f 64 65 76 2f 6e 75 6c 6c 60 22 20 7c 7c 20 >/dev/null`" ||
00b0: 72 65 74 75 72 6e 20 31 0a 09 09 6f 75 74 70 75 return 1...outpu
00c0: 74 3d 22 60 65 63 68 6f 20 22 24 7b 6f 75 74 70 t="`echo "${outp
00d0: 75 74 7d 22 20 7c 20 73 65 64 20 27 2f 5e 2d 2d ut}" | sed '/^--
00e0: 2d 2d 2d 42 45 47 49 4e 20 44 48 20 50 41 52 41 ---BEGIN DH PARA
00f0: 4d 45 54 45 52 53 2d 2d 2d 2d 2d 24 2f 2c 2f 5e METERS-----$/,/^
0100: 2d 2d 2d 2d 2d 45 4e 44 20 44 48 20 50 41 52 41 -----END DH PARA
0110: 4d 45 54 45 52 53 2d 2d 2d 2d 2d 24 2f 20 64 3b METERS-----$/ d;
0120: 2f 5e 23 2f 20 64 27 60 22 20 7c 7c 20 72 65 74 /^#/ d'`" || ret
0130: 75 72 6e 20 31 0a 0a 09 09 65 63 68 6f 20 22 24 urn 1....echo "$
0140: 7b 6f 75 74 70 75 74 7d 22 0a 0a 09 09 72 65 74 {output}"....ret
0150: 75 72 6e 20 30 0a 09 66 69 0a 0a 09 72 65 74 75 urn 0..fi...retu
0160: 72 6e 20 31 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e rn 1.}..function
0170: 20 67 65 6e 5f 64 68 5f 70 61 72 61 6d 73 5f 6f gen_dh_params_o
0180: 70 65 6e 73 73 6c 28 29 20 7b 0a 09 6f 70 65 6e penssl() {..open
0190: 73 73 6c 5f 64 68 70 61 72 61 6d 20 22 24 7b 62 ssl_dhparam "${b
01a0: 69 74 73 7d 22 20 3c 20 2f 64 65 76 2f 6e 75 6c its}" < /dev/nul
01b0: 6c 20 7c 7c 20 72 65 74 75 72 6e 20 31 0a 09 72 l || return 1..r
01c0: 65 74 75 72 6e 20 30 0a 7d 0a 0a 66 75 6e 63 74 eturn 0.}..funct
01d0: 69 6f 6e 20 67 65 6e 5f 64 68 5f 70 61 72 61 6d ion gen_dh_param
01e0: 73 5f 72 65 6d 6f 74 65 28 29 20 7b 0a 09 6c 6f s_remote() {..lo
01f0: 63 61 6c 20 69 6e 70 75 74 20 6f 75 74 70 75 74 cal input output
0200: 20 75 72 6c 0a 0a 09 75 72 6c 3d 22 68 74 74 70 url...url="http
0210: 73 3a 2f 2f 32 74 6f 6e 2e 63 6f 6d 2e 61 75 2f s://2ton.com.au/
0220: 64 68 70 61 72 61 6d 2f 24 7b 62 69 74 73 7d 22 dhparam/${bits}"
0230: 0a 0a 09 69 6e 70 75 74 3d 22 60 63 75 72 6c 20 ...input="`curl
0240: 2d 73 53 20 22 24 7b 75 72 6c 7d 22 60 22 20 7c -sS "${url}"`" |
0250: 7c 20 5c 0a 09 09 69 6e 70 75 74 3d 22 60 77 67 | \...input="`wg
0260: 65 74 20 2d 4f 20 2d 20 2d 6f 20 2f 64 65 76 2f et -O - -o /dev/
0270: 6e 75 6c 6c 20 22 24 7b 75 72 6c 7d 22 60 22 20 null "${url}"`"
0280: 7c 7c 20 72 65 74 75 72 6e 20 31 0a 0a 09 69 66 || return 1...if
0290: 20 6f 75 74 70 75 74 3d 22 60 65 63 68 6f 20 22 output="`echo "
02a0: 24 7b 69 6e 70 75 74 7d 22 20 7c 20 6f 70 65 6e ${input}" | open
02b0: 73 73 6c 5f 64 68 70 61 72 61 6d 60 22 3b 20 74 ssl_dhparam`"; t
02c0: 68 65 6e 0a 09 09 65 63 68 6f 20 22 24 7b 6f 75 hen...echo "${ou
02d0: 74 70 75 74 7d 22 0a 0a 09 09 72 65 74 75 72 6e tput}"....return
02e0: 20 30 0a 09 66 69 0a 0a 09 72 65 74 75 72 6e 20 0..fi...return
02f0: 31 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 67 65 1.}..function ge
0300: 6e 5f 64 68 5f 70 61 72 61 6d 73 5f 66 61 6c 6c n_dh_params_fall
0310: 62 61 63 6b 28 29 20 7b 0a 09 63 61 74 20 3c 3c back() {..cat <<
0320: 20 5c 5f 45 4f 46 5f 0a 44 48 20 2a 67 65 74 5f \_EOF_.DH *get_
0330: 64 68 32 30 34 38 28 29 0a 09 7b 0a 09 73 74 61 dh2048()..{..sta
0340: 74 69 63 20 75 6e 73 69 67 6e 65 64 20 63 68 61 tic unsigned cha
0350: 72 20 64 68 32 30 34 38 5f 70 5b 5d 3d 7b 0a 09 r dh2048_p[]={..
0360: 09 30 78 43 31 2c 30 78 35 31 2c 30 78 35 38 2c .0xC1,0x51,0x58,
0370: 30 78 36 39 2c 30 78 46 42 2c 30 78 45 38 2c 30 0x69,0xFB,0xE8,0
0380: 78 36 43 2c 30 78 34 37 2c 30 78 32 42 2c 30 78 x6C,0x47,0x2B,0x
0390: 38 36 2c 30 78 36 31 2c 30 78 34 46 2c 0a 09 09 86,0x61,0x4F,...
03a0: 30 78 32 30 2c 30 78 32 45 2c 30 78 44 33 2c 30 0x20,0x2E,0xD3,0
03b0: 78 46 43 2c 30 78 31 39 2c 30 78 45 45 2c 30 78 xFC,0x19,0xEE,0x
03c0: 42 38 2c 30 78 46 33 2c 30 78 33 35 2c 30 78 37 B8,0xF3,0x35,0x7
03d0: 44 2c 30 78 42 41 2c 30 78 38 36 2c 0a 09 09 30 D,0xBA,0x86,...0
03e0: 78 32 41 2c 30 78 43 33 2c 30 78 43 38 2c 30 78 x2A,0xC3,0xC8,0x
03f0: 36 45 2c 30 78 46 34 2c 30 78 39 39 2c 30 78 37 6E,0xF4,0x99,0x7
0400: 35 2c 30 78 36 35 2c 30 78 44 33 2c 30 78 37 41 5,0x65,0xD3,0x7A
0410: 2c 30 78 39 45 2c 30 78 44 46 2c 0a 09 09 30 78 ,0x9E,0xDF,...0x
0420: 44 34 2c 30 78 31 46 2c 30 78 38 38 2c 30 78 45 D4,0x1F,0x88,0xE
0430: 33 2c 30 78 31 37 2c 30 78 46 43 2c 30 78 41 31 3,0x17,0xFC,0xA1
0440: 2c 30 78 45 44 2c 30 78 41 32 2c 30 78 42 36 2c ,0xED,0xA2,0xB6,
0450: 30 78 37 37 2c 30 78 38 34 2c 0a 09 09 30 78 41 0x77,0x84,...0xA
0460: 41 2c 30 78 30 38 2c 30 78 46 32 2c 30 78 39 37 A,0x08,0xF2,0x97
0470: 2c 30 78 35 39 2c 30 78 37 41 2c 30 78 41 30 2c ,0x59,0x7A,0xA0,
0480: 30 78 30 33 2c 30 78 30 44 2c 30 78 33 45 2c 30 0x03,0x0D,0x3E,0
0490: 78 37 45 2c 30 78 36 44 2c 0a 09 09 30 78 36 35 x7E,0x6D,...0x65
04a0: 2c 30 78 36 41 2c 30 78 41 34 2c 30 78 45 41 2c ,0x6A,0xA4,0xEA,
04b0: 30 78 35 34 2c 30 78 41 39 2c 30 78 35 32 2c 30 0x54,0xA9,0x52,0
04c0: 78 35 46 2c 30 78 36 33 2c 30 78 42 34 2c 30 78 x5F,0x63,0xB4,0x
04d0: 42 43 2c 30 78 39 38 2c 0a 09 09 30 78 34 45 2c BC,0x98,...0x4E,
04e0: 30 78 46 36 2c 30 78 45 31 2c 30 78 41 34 2c 30 0xF6,0xE1,0xA4,0
04f0: 78 45 45 2c 30 78 31 36 2c 30 78 30 41 2c 30 78 xEE,0x16,0x0A,0x
0500: 42 30 2c 30 78 30 31 2c 30 78 42 44 2c 30 78 39 B0,0x01,0xBD,0x9
0510: 46 2c 30 78 41 31 2c 0a 09 09 30 78 45 38 2c 30 F,0xA1,...0xE8,0
0520: 78 32 33 2c 30 78 32 39 2c 30 78 35 36 2c 30 78 x23,0x29,0x56,0x
0530: 34 30 2c 30 78 39 35 2c 30 78 31 33 2c 30 78 45 40,0x95,0x13,0xE
0540: 42 2c 30 78 43 42 2c 30 78 44 35 2c 30 78 46 43 B,0xCB,0xD5,0xFC
0550: 2c 30 78 37 36 2c 0a 09 09 30 78 31 41 2c 30 78 ,0x76,...0x1A,0x
0560: 34 31 2c 30 78 32 36 2c 30 78 43 45 2c 30 78 32 41,0x26,0xCE,0x2
0570: 30 2c 30 78 45 42 2c 30 78 33 30 2c 30 78 31 30 0,0xEB,0x30,0x10
0580: 2c 30 78 31 37 2c 30 78 30 37 2c 30 78 45 31 2c ,0x17,0x07,0xE1,
0590: 30 78 38 43 2c 0a 09 09 30 78 41 43 2c 30 78 35 0x8C,...0xAC,0x5
05a0: 37 2c 30 78 33 37 2c 30 78 38 42 2c 30 78 45 38 7,0x37,0x8B,0xE8
05b0: 2c 30 78 30 31 2c 30 78 44 45 2c 30 78 41 39 2c ,0x01,0xDE,0xA9,
05c0: 30 78 45 46 2c 30 78 41 34 2c 30 78 43 32 2c 30 0xEF,0xA4,0xC2,0
05d0: 78 41 34 2c 0a 09 09 30 78 36 45 2c 30 78 34 38 xA4,...0x6E,0x48
05e0: 2c 30 78 32 35 2c 30 78 31 31 2c 30 78 33 33 2c ,0x25,0x11,0x33,
05f0: 30 78 31 31 2c 30 78 44 34 2c 30 78 35 32 2c 30 0x11,0xD4,0x52,0
0600: 78 37 39 2c 30 78 38 37 2c 30 78 39 46 2c 30 78 x79,0x87,0x9F,0x
0610: 37 35 2c 0a 09 09 30 78 36 31 2c 30 78 46 37 2c 75,...0x61,0xF7,
0620: 30 78 39 43 2c 30 78 37 44 2c 30 78 33 36 2c 30 0x9C,0x7D,0x36,0
0630: 78 34 31 2c 30 78 43 42 2c 30 78 45 43 2c 30 78 x41,0xCB,0xEC,0x
0640: 38 46 2c 30 78 45 41 2c 30 78 34 41 2c 30 78 34 8F,0xEA,0x4A,0x4
0650: 37 2c 0a 09 09 30 78 36 41 2c 30 78 33 36 2c 30 7,...0x6A,0x36,0
0660: 78 33 37 2c 30 78 37 35 2c 30 78 42 39 2c 30 78 x37,0x75,0xB9,0x
0670: 38 45 2c 30 78 46 35 2c 30 78 35 46 2c 30 78 36 8E,0xF5,0x5F,0x6
0680: 37 2c 30 78 43 46 2c 30 78 31 46 2c 30 78 44 38 7,0xCF,0x1F,0xD8
0690: 2c 0a 09 09 30 78 43 41 2c 30 78 37 30 2c 30 78 ,...0xCA,0x70,0x
06a0: 34 32 2c 30 78 43 37 2c 30 78 41 32 2c 30 78 45 42,0xC7,0xA2,0xE
06b0: 44 2c 30 78 30 46 2c 30 78 37 44 2c 30 78 42 45 D,0x0F,0x7D,0xBE
06c0: 2c 30 78 34 33 2c 30 78 30 38 2c 30 78 32 38 2c ,0x43,0x08,0x28,
06d0: 0a 09 09 30 78 36 36 2c 30 78 33 44 2c 30 78 44 ...0x66,0x3D,0xD
06e0: 44 2c 30 78 38 37 2c 30 78 30 44 2c 30 78 36 31 D,0x87,0x0D,0x61
06f0: 2c 30 78 36 45 2c 30 78 44 30 2c 30 78 45 37 2c ,0x6E,0xD0,0xE7,
0700: 30 78 34 39 2c 30 78 44 31 2c 30 78 37 30 2c 0a 0x49,0xD1,0x70,.
0710: 09 09 30 78 41 39 2c 30 78 34 44 2c 30 78 44 35 ..0xA9,0x4D,0xD5
0720: 2c 30 78 46 44 2c 30 78 45 44 2c 30 78 46 32 2c ,0xFD,0xED,0xF2,
0730: 30 78 36 44 2c 30 78 33 32 2c 30 78 31 37 2c 30 0x6D,0x32,0x17,0
0740: 78 39 37 2c 30 78 35 42 2c 30 78 30 36 2c 0a 09 x97,0x5B,0x06,..
0750: 09 30 78 36 30 2c 30 78 39 43 2c 30 78 35 46 2c .0x60,0x9C,0x5F,
0760: 30 78 41 33 2c 30 78 35 44 2c 30 78 33 34 2c 30 0xA3,0x5D,0x34,0
0770: 78 31 34 2c 30 78 37 45 2c 30 78 36 33 2c 30 78 x14,0x7E,0x63,0x
0780: 35 34 2c 30 78 45 34 2c 30 78 37 45 2c 0a 09 09 54,0xE4,0x7E,...
0790: 30 78 30 39 2c 30 78 38 46 2c 30 78 42 42 2c 30 0x09,0x8F,0xBB,0
07a0: 78 38 45 2c 30 78 41 30 2c 30 78 44 30 2c 30 78 x8E,0xA0,0xD0,0x
07b0: 39 36 2c 30 78 41 43 2c 30 78 33 30 2c 30 78 32 96,0xAC,0x30,0x2
07c0: 30 2c 30 78 33 39 2c 30 78 33 42 2c 0a 09 09 30 0,0x39,0x3B,...0
07d0: 78 38 43 2c 30 78 39 32 2c 30 78 36 35 2c 30 78 x8C,0x92,0x65,0x
07e0: 33 37 2c 30 78 30 41 2c 30 78 38 46 2c 30 78 45 37,0x0A,0x8F,0xE
07f0: 43 2c 30 78 37 32 2c 30 78 38 42 2c 30 78 36 31 C,0x72,0x8B,0x61
0800: 2c 30 78 37 44 2c 30 78 36 32 2c 0a 09 09 30 78 ,0x7D,0x62,...0x
0810: 32 34 2c 30 78 35 34 2c 30 78 45 39 2c 30 78 31 24,0x54,0xE9,0x1
0820: 44 2c 30 78 30 31 2c 30 78 36 38 2c 30 78 38 39 D,0x01,0x68,0x89
0830: 2c 30 78 43 34 2c 30 78 37 42 2c 30 78 33 43 2c ,0xC4,0x7B,0x3C,
0840: 30 78 34 38 2c 30 78 36 32 2c 0a 09 09 30 78 39 0x48,0x62,...0x9
0850: 42 2c 30 78 38 33 2c 30 78 31 31 2c 30 78 33 41 B,0x83,0x11,0x3A
0860: 2c 30 78 30 42 2c 30 78 30 44 2c 30 78 45 46 2c ,0x0B,0x0D,0xEF,
0870: 30 78 35 41 2c 30 78 45 34 2c 30 78 37 41 2c 30 0x5A,0xE4,0x7A,0
0880: 78 41 30 2c 30 78 36 39 2c 0a 09 09 30 78 46 34 xA0,0x69,...0xF4
0890: 2c 30 78 35 34 2c 30 78 42 35 2c 30 78 35 42 2c ,0x54,0xB5,0x5B,
08a0: 0a 09 09 7d 3b 0a 09 73 74 61 74 69 63 20 75 6e ...};..static un
08b0: 73 69 67 6e 65 64 20 63 68 61 72 20 64 68 32 30 signed char dh20
08c0: 34 38 5f 67 5b 5d 3d 7b 0a 09 09 30 78 30 32 2c 48_g[]={...0x02,
08d0: 0a 09 09 7d 3b 0a 09 44 48 20 2a 64 68 3b 0a 0a ...};..DH *dh;..
08e0: 09 69 66 20 28 28 64 68 3d 44 48 5f 6e 65 77 28 .if ((dh=DH_new(
08f0: 29 29 20 3d 3d 20 4e 55 4c 4c 29 20 72 65 74 75 )) == NULL) retu
0900: 72 6e 28 4e 55 4c 4c 29 3b 0a 09 64 68 2d 3e 70 rn(NULL);..dh->p
0910: 3d 42 4e 5f 62 69 6e 32 62 6e 28 64 68 32 30 34 =BN_bin2bn(dh204
0920: 38 5f 70 2c 73 69 7a 65 6f 66 28 64 68 32 30 34 8_p,sizeof(dh204
0930: 38 5f 70 29 2c 4e 55 4c 4c 29 3b 0a 09 64 68 2d 8_p),NULL);..dh-
0940: 3e 67 3d 42 4e 5f 62 69 6e 32 62 6e 28 64 68 32 >g=BN_bin2bn(dh2
0950: 30 34 38 5f 67 2c 73 69 7a 65 6f 66 28 64 68 32 048_g,sizeof(dh2
0960: 30 34 38 5f 67 29 2c 4e 55 4c 4c 29 3b 0a 09 69 048_g),NULL);..i
0970: 66 20 28 28 64 68 2d 3e 70 20 3d 3d 20 4e 55 4c f ((dh->p == NUL
0980: 4c 29 20 7c 7c 20 28 64 68 2d 3e 67 20 3d 3d 20 L) || (dh->g ==
0990: 4e 55 4c 4c 29 29 0a 09 09 7b 20 44 48 5f 66 72 NULL))...{ DH_fr
09a0: 65 65 28 64 68 29 3b 20 72 65 74 75 72 6e 28 4e ee(dh); return(N
09b0: 55 4c 4c 29 3b 20 7d 0a 09 72 65 74 75 72 6e 28 ULL); }..return(
09c0: 64 68 29 3b 0a 09 7d 0a 5f 45 4f 46 5f 0a 7d 0a dh);..}._EOF_.}.
09d0: 0a 23 20 45 6e 61 62 6c 65 20 73 75 70 70 6f 72 .# Enable suppor
09e0: 74 20 66 6f 72 20 67 69 76 69 6e 67 20 74 68 65 t for giving the
09f0: 20 73 61 6d 65 20 44 48 20 70 61 72 61 6d 73 20 same DH params
0a00: 65 61 63 68 20 74 69 6d 65 0a 69 66 20 5b 20 22 each time.if [ "
0a10: 24 31 22 20 3d 20 27 66 61 6c 6c 62 61 63 6b 27 $1" = 'fallback'
0a20: 20 5d 3b 20 74 68 65 6e 0a 09 67 65 6e 5f 64 68 ]; then..gen_dh
0a30: 5f 70 61 72 61 6d 73 5f 66 61 6c 6c 62 61 63 6b _params_fallback
0a40: 20 26 26 20 65 78 69 74 20 30 0a 0a 09 65 78 69 && exit 0...exi
0a50: 74 20 31 0a 66 69 0a 0a 67 65 6e 5f 64 68 5f 70 t 1.fi..gen_dh_p
0a60: 61 72 61 6d 73 5f 6f 70 65 6e 73 73 6c 20 26 26 arams_openssl &&
0a70: 20 65 78 69 74 20 30 0a 67 65 6e 5f 64 68 5f 70 exit 0.gen_dh_p
0a80: 61 72 61 6d 73 5f 72 65 6d 6f 74 65 20 26 26 20 arams_remote &&
0a90: 65 78 69 74 20 30 0a 67 65 6e 5f 64 68 5f 70 61 exit 0.gen_dh_pa
0aa0: 72 61 6d 73 5f 66 61 6c 6c 62 61 63 6b 20 26 26 rams_fallback &&
0ab0: 20 65 78 69 74 20 30 0a 0a 65 78 69 74 20 31 0a exit 0..exit 1.